Spaces:
Running
Local run — SolidPrivacy Scrub
Status: minimal local Streamlit launcher for WP46, local privacy validation for WP47 and Windows portable proof-of-concept launcher for WP48.
This local run path starts the existing Streamlit app on your own machine. It is intended for local confidential-processing validation after setup, not as a finished installer or desktop package.
Python version assumption
Use Python 3.10.
This matches the current Docker base image and the pyproject.toml Python requirement.
Install dependencies
Recommended setup with Poetry:
python -m pip install "poetry==1.8.5"
poetry install --no-root
poetry run python -m pip install --upgrade "packaging>=24.2,<27"
poetry run python -m pip install python-docx pymupdf reportlab pypdf
The final install line mirrors the extra document/PDF packages installed by the current container startup environment.
Run Scrub locally
From the repository root:
poetry run python scripts/run_local_streamlit.py
The launcher executes:
python fix_streamlit_nested_expanders.py
python fix_streamlit_pdf_text_reinsert.py
python -m streamlit run presidio_streamlit.py --server.address 127.0.0.1 --server.port 8501 --server.headless true --browser.gatherUsageStats false
Open:
http://127.0.0.1:8501
To use another local port:
poetry run python scripts/run_local_streamlit.py --port 8502
WP48 Windows portable proof of concept
WP48 adds a Windows portable proof of concept wrapper:
scripts\run_windows_portable_poc.ps1
From the repository root on Windows PowerShell:
powershell -ExecutionPolicy Bypass -File .\scripts\run_windows_portable_poc.ps1
The wrapper delegates to the existing Python launcher:
scripts/run_local_streamlit.py
The wrapper defaults to 127.0.0.1 and port 8501. It does not add a separate packaging system and does not change Streamlit UI behavior, upload/download/export/reinsert semantics, telemetry settings, cloud processing or dependency setup.
WP48 is not a production installer, not an MSI, not PyInstaller packaging and not a full offline guarantee. It is only a portable Windows/Python proof of concept for a local repository folder.
See also:
WINDOWS_PORTABLE_POC.md
Local-only warning
This launcher binds Streamlit to 127.0.0.1 by default. That means the app is intended to be reachable only from the same machine.
Do not change the address to 0.0.0.0 for confidential documents unless a later security review explicitly approves that deployment mode.
Hugging Face demo boundary
The Hugging Face Space remains a demo and development environment for synthetic or non-confidential examples. Do not process confidential real documents, real Scrub Keys, real audit reports or real client/care/legal material in the Hugging Face demo.
Use the local runtime for confidential-processing validation after setup, and still treat the local runtime as an MVP validation path rather than a complete production security claim.
Runtime privacy expectations
The local launcher should pass only runtime options to Streamlit. It should not pass source document content, file names, Scrub Key values, restored output or audit content as command-line arguments.
The launcher itself should not create application-managed temporary files, write document-content logs, configure telemetry or add network/cloud endpoints. Streamlit and the browser may still use normal local runtime memory, upload handling and local caches; WP47 validates these launcher and documentation boundaries but does not prove a full offline or network-traffic guarantee.
Any temporary/runtime files introduced by future helpers must stay local, avoid original document snippets in logs, and be removed or documented explicitly.
No installer, PyInstaller, Tauri, Electron, MSI or packaging behavior is introduced by the base local run path. WP48 adds only a Windows PowerShell proof-of-concept wrapper around the same local launcher.
No telemetry / no cloud processing claim
The command disables Streamlit usage stats with --browser.gatherUsageStats false.
The current local launcher does not add AI processing, cloud document processing or telemetry endpoints. This is a local MVP boundary check, not a complete production security certification.
No real data in the repo
Do not commit real documents, real Scrub Keys, real audit reports, real names, real case files or real care data to this repository.
Use synthetic examples for tests, screenshots and support diagnostics.
What files are processed locally
With this launcher, the existing Streamlit app processes uploaded documents in the local Python process:
- source TXT, DOCX and supported PDF input selected in the browser;
- scrubbed output generated by the app;
- Scrub Key JSON selected or downloaded by the user;
- restored TXT or DOCX output generated by reinsert flows;
- audit/report downloads generated by the app.
The current app should not upload document content for core scrub/review/reinsert flows. WP47 added local-runtime privacy tests for launcher/documentation boundaries, while later work is still needed before production security claims.
What is not guaranteed yet
This is not yet:
- a Windows installer;
- an MSI;
- a PyInstaller package;
- a Tauri or Electron desktop app;
- a signed or managed enterprise deployment;
- a full offline guarantee;
- a network-traffic validation result;
- a temp-file privacy validation result;
- a guarantee that every optional model or dependency is already available offline;
- a change to Streamlit UI behavior;
- a change to export or reinsert semantics.
Next validation step
Next recommended workpackage:
WP49 — Desktop packaging decision
WP49 should decide the longer-term packaging direction across Streamlit/Python folder, PyInstaller, Tauri, Electron or managed enterprise deployment before any production installer claim.